Vulnerabilities > Apache > Airflow > 2.4.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-07 | CVE-2022-41672 | Insufficient Session Expiration vulnerability in Apache Airflow In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API. | 8.1 |